DAC Beachcroft | Insurance, Privacy & Data Security News
June 2014 update
Catch up with the latest cyber risk legislation and regulatory developments with the DAC Beachcroft Adviser Newsletter
As the implementation of the European Data Protection Regulation drops further behind schedule, one could be forgiven for thinking that all is quiet on the cyber risk insurance front.
The draft Regulation is often cited as the awaited trigger to the cyber risk insurance market in Europe. However, recent developments show a greater awareness and necessity for tightening security standards in the absence of any formal change in the law which could prompt greater interest in risk mitigation strategies and the purchase of insurance.
Last month, the ICO issued a report on the top 8 reasons for IT security failures which have given rise to the most serious breaches that have been investigated by the ICO. Whilst the aptly titled report "learning from the mistakes of others" is not legally binding, it will be interesting to see whether sanctions will be higher for organisations who fail to learn from those mistakes. The UK government has also recently launched its Cyber Essentials scheme, an accredited certification scheme aimed at mitigating the most common internet based threats to cyber security. It seems, therefore, that rather than being the year of the Regulation, 2014 is set to be the 'year of the cyber standard'.
As always, cyber breaches are never far from the headlines and this month is no exception. eBay is the latest high-profile victim of an attack on a massive scale highlighting that even the most sophisticated of organisations can fall victim.
Click any of the links below to read more ...
Information Technology and Data Protection Legislation
§ U.S Court Ruling on Microsoft data stored overseas
§ ICO updates guidance on the difference between Data Controllers and Data Processors
§ Global Privacy Enforcement Network announces global privacy enforcement network annual enforcement sweep
§ American apparel settles with FTC following false claims it was compliant with EU Safe Harbor Framework
§ ICO issues new IT Security Guidance
§ ICO releases revised CCTV Code of Practice
§ Court of Justice of the European Union ("CJEU") hands down landmark judgement against Google
§ Direct marketing association ("DMA") clarifies ICO guidance on Direct Marketing
§ EBay suffers major Data Protection breach
§ ICO undertakings issued - May 2014
EU Data Protection Regulation Developments
§ EU Data Protection reform continues to be delayed
§ French Data Protection Authority ("CNIL") reveals 2013 Annual Activity Report and discusses proposed EU Data Protection Regulations
Updates from around the World...
§ White House releases report on Big Data
§ Kenyan Data Protection Bill to be tabled in Parliament
§ U.S. Consumer Financial Protection Bureau proposes new rules for Financial Institution Privacy Compliance